CVE-2026-36670

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

A Time-Based Blind SQL Injection vulnerability in the alias_management module of OpenSIPS Control Panel (opensips-cp) prior to version 9.3.3 allows authenticated attackers to execute arbitrary SQL commands via the 'table' GET parameter in alias_management.php.

Gabriel-Lacorte/CVE-2026-36670
Gabriel-Lacorte/CVE-2026-36670
Time-Based Blind SQL Injection Exploit for the OpenSIPs Control Panel (or my first CVE!)
GitHubGitHub